Modem/router can not see new iocage jails IP address

[Bernard Mentink]

Hi All,

I am in the process of moving my jails from warden to iocage style and so far have an emby server jail and a web page jail. However, both of these jails are not visible to the router (although they connect to the WAN just fine)

They have shared IP address of 192.168.178.6 & 7 and Freenas Server is on 192.168.178.37, my router is on 192.168.178.1
(The jails were set up like: ip4_addr="igb0|192.168.178.6/24" etc)

The old warden jails showed up fine in the router admin web page (FritzBox) so I would route ports to them, but the new iocage jails do not so I am stuck.
I have made sure that the defaultroutes for both iocage jails is set to 192.168.178.1

Is it because all machines share the same macaddress, so the router only sees the xxx.37 IP? If so how do I route ports to the jails, i.e emby needs port 8096 open ..

Any idea's?

 

[danb35]

What happens if you enable virtual networking on the iocage jails? ip4_addr="vnet0|192.168.178.6/24" vnet="on"

Regardless, that's a broken UI for the router if it will only allow you to do port forwarding for IPs it knows about.

Edit: I've never used a Fritzbox product, but this page suggests you should be able to type in the IP; the UI will only list the IPs it gives out via DHCP:

If you cannot select the device, then you can select "Enter the IP address manually" and enter the IP address. Only devices that automatically obtain their IP settings (DHCP) from the FRITZ!Box are listed in the drop-down list.

 

[Bernard Mentink]

Thanks. I had already tried sharing a manual IP on the FritzBox, all I got for my efforts was:

Code:

An error occurred.

Error description: The IP address is not available.

Please enter your data again. If the error occurs again, please consult AVM Support.

Maybe I will try the vnet method. Can I modify an existing jail to do that, or do I have to set up a new one?

Cheers

 

[danb35]

To the best of my knowledge, you'd need to build a new jail--but I'm far from an iocage expert.

But that's stunningly stupid software in your router.

 

[Jailer]

But that's stunningly stupid software in your router.

Agreed. That lack of flexability alone would have me looking for something else.

 

[Bernard Mentink]

I found out what the issue is:

On the FritzBox pulldown list was multiple "FreeNAS" devices (hostnames) I had to go through each one to see which had the IP of 192.168.178.6 for my "emby" jail.
It would not propagate the hostname through it seems ..
Is there anything I can do in the jail to force that?

 

[danb35]

Is there anything I can do in the jail to force that?

You could add host_hostname="name" to the iocage create command, that might help.

 

[Bernard Mentink]

It is already set .. ;) but thanks

 

[Bernard Mentink]

So it seems the Fritz box won't allow what I am trying to do .. from the FAQ

Code:

3 Multiple IP addresses for the same MAC address
You cannot set up port sharing in the FRITZ!Box for devices if they use multiple IP addresses for the same MAC address. The FRITZ!Box does not support devices that use several IP addresses with the same MAC address (for example virtual machines with manually assigned MAC addresses that are used by several devices in the home network).

SO my options are to get another router/modem/DECT unit (any suggestions) that will support multiple IP's off the same MAC address .. or
Work out some sort of VLAN method that the Fritzbox is happy with ..... any suggestions? I am stumped/frustrated ..

 

[Jailer]

Change the MAC addresses on each jail so each one is unique.

 

[garm]

Sounds like they coded themselvs into a corner.. let go of the consumer stuff and set up a proper firewall, I advocate pfSense on hardware sized for your needs. (There are other options as well)

 

[danb35]

any suggestions

As to the router, anything that isn't completely brain-dead would do (and I'd heard Fritzbox mentioned as though it were moderately featureful--apparently not). I'd second the vote for pfSense, but I'm pretty sure most consumer routers would allow this.

 

[Bernard Mentink]

Change the MAC addresses on each jail so each one is unique.

That sounds like a quick fix. Can you tell me where I can get a pool of mac address's I can use, and how to set it for the jail .... thanks
(I can't see an iocage set ... command for the mac address)

 

[Jailer]

It likely won't matter, just change them to something so they don't match each other.

 

[Bernard Mentink]

It likely won't matter, just change them to something so they don't match each other.

Yep, but how do I change it for the jail and make it permanent?

 

[Jailer]

Well I thought I remember reading something in the documentation on it but I can't seem to find it now. I'll have to do some searching to see what I can come up with.

I'd still get a different router...........

 

[Bernard Mentink]

Well I thought I remember reading something in the documentation on it but I can't seem to find it now. I'll have to do some searching to see what I can come up with.

I'd still get a different router...........

Yep will do, but it is going to mess me about quite a bit at the moment, don't want to discrupt too may things just yet.
Appreciate if you could find out about setting the mac address though ;)

 

[Bernard Mentink]

Thought's on setting mac address per jail anyone?